By Benjamin Yarbrough, CEO, Calyptix Security
Hackers and small businesses share one thing: they rely on email.
Todays’ cybercriminals are organized and business-minded. They make investments and they expect returns. Some invest in big targets, such as Home Depot and Anthem. Others invest in massive attacks, such as ransomware and botnets.
These massive attacks are behind most cybercrime. They can only succeed by exploiting a widespread technology — and what is more widespread than email? Email is one of the top entry points for cyberattacks of all sizes, particularly in small businesses. The reasons are clear:
Attackers are improving their tactics. They have learned tailored messages sent to smaller lists can yield better results. Instead of sending millions of emails, they use an approach known as spear phishing to reach narrower targets such as “all attorneys at businesses with 100 or fewer employees” or even “Jennifer Jones, Attorney at Acme Inc.”
The proportion of spear phishing attacks against small businesses has grown every year since 2013. Last year, 43 percent of all spear phishing targeted companies with fewer than 250 employees, according to the Symantec 2016 Internet Security Threat Report (ISTR).
The point is the attackers are using details about their targets to create tailored messages that are harder to detect. These custom phishing emails work. Nearly one-third of all phishing messages reviewed for the Verizon 2016 Data Breach Investigations Report were opened, and a terrifying 12 percent were clicked. This represents a big jump in open rate over previous years. The median time for a new phishing attack to be opened by the first victim is only 100 seconds.
Small businesses may not make headlines when they are hit by a phishing attack, but the results can be devastating nonetheless. Data theft, financial loss, and tarnished reputations can be just the beginning, unless you are prepared. Protect your business and your clients against phishing attacks with these tips:
These tips will put you a long way down the road to a safer network. Other essentials — such as patching systems and using anti-virus — should not be forgotten. Prepare your business and your clients for the inevitable and move forward with confidence.
Benjamin Yarbrough oversees the operations of Calyptix Security, a network security provider for small business. He helps coordinate the sales, support, and development teams to help best serve customers, and also works to maintain the company’s finances and foster its vision.